When Internet Service Providers (ISP) have a new internet link provisioned, very often they have shaping rules on their NTU to regulate internet traffic at promised rate. If your firewall/router/switch is sending excessive traffic than promised rate, the packet will be dropped, then ends up with suboptimal performance and slow internet speed. This post is to list out the basic bandwidth shaping or policing rule on Cisco or Fortigate devices.
Telstra Internet Direct – Optimising Network Performance
The below example notice is given by Telstra when they provide the public IP information:
For your Telstra Internet Direct Adapt service to operate at the maximum rate, you are advised to shape your outbound traffic. Within our network we police the rate of your service at your purchased speed. For example, on a 50 Mbps service you should rate limit your outbound traffic to 50 Mbps or below. Due to the differences between routers from different vendors you may need to adjust the burst rate of this feature to find a value that does not exceed our policer. Failure to apply shaping outbound may result in below par speeds being achieved.
Bandwidth Limiting / Shaping on Cisco Switch or Router
The below example is to rate-limit outbound traffic at 400Mbps
conf t policy-map Shaping class class-default shape average 398000000 interface te2/1/4 description **ISP_link** switchport mode access switchport access vlan 4 service-policy output Shaping end wr
Check Shaping interface status
ICTFellaSW01#show policy-map interface TenGigabitEthernet2/1/4 Service-policy output: Shaping Class-map: class-default (match-any) 0 packets Match: any Queueing (total drops) 11664895 (bytes output) 1314982020 shape (average) cir 398000000, bc 1592000, be 1592000 target shape rate 398000000
Fortinet Fortigate Firewall WAN port
Estimated bandwidth on WAN port is mostly used for calculation of traffic control in SD-WAN rules, such as spillover
Traffic Shaping using Outbound shaping profile